Quantum Leap: New Tech Could Make Perfectly Secure Communications

By Tia Ghose, Staff Writer |
March 26, 2014 02:00pm ET

MORE

With quantum encryption, in which a message gets encoded in bits represented by particles in different states, a secret message can remain secure even if the system is compromised by a malicious hacker.

Quantum cryptography could provide unbreakable security in the near future, perhaps in the next few years, researchers argue.

The technology relies on quantum mechanics, the laws of nature that govern the behavior of tiny subatomic particles, to ensure that eavesdroppers can't snoop on secure messages without being detected.

These systems can produce perfectly secure communications and unbreakable codes, even when the devices producing the quantum cryptography are somewhat unreliable or have been hacked by a malicious outsider. To achieve perfect security, users would only have to ensure these devices pass a statistical test before using them, according to a perspectives article published today (March 26) in the journal Nature.

Difficult puzzles

Cryptography relies on the idea of a sender and receiver sharing a secret key. As far back as 400 B.C., the Spartan military commanders used a device called a scytale to write messages on strips of paper twirled around a baton; the messages could be decoded only when wrapped around the right-sized baton.

Modern cryptography, such as the Web-standard RSA encryption, relies on keys created by multiplying two gigantic prime numbers together. To break the code, a hacker would need to know the prime factors of the key, which are incredibly difficult to calculate. [The 9 Most Massive Numbers In Existence]

But with enough computational brute strength, these factors could be calculated. And if someone one day figures out a way to calculate prime factors easily, it would render RSA encryption insecure.

Quantum entanglement

Perfectly unbreakable code would rely on a one-time pad.

In this system, a completely secret, random number is used to encrypt a message, and the key is then destroyed after the message is read. As long as the key is never reused, these codes could never be cracked.

The trouble is, how does the sender get the key to the receiver without someone eavesdropping?

The answer is to send keys that rely on quantum mechanics. When a particle of light, or a photon, travels from one position to another, it travels in an indeterminate orientation or polarization that is altered as soon as someone tries to measure it. So if a key was encoded via entangled quantum particles, there is no way to eavesdrop on the key without changing it, making it immediately obvious to both sender and receiver.

"This is based not on the difficulty of certain mathematical problems but on the laws of physics," said article co-author Artur Ekert, a cryptologist at the University of Oxford in England and the National University of Singapore. "We as humans do not have any influence on the laws of physics."

New breakthrough

Quantum cryptography devices are already on the market. Until now, however, researchers thought these systems would only work if the devices that generated the encryption were completely reliable: if the makers botch the production, the devices could still theoretically be hacked.

But research in the past few years by Ekert and co-author Renato Renner, a researcher at the Institute for Theoretical Physics in Switzerland, as well as others, showed that even shoddy devices infiltrated by enemies could still produce perfect encryption.

The only requirement is that the random numbers generated for the one-time pad are truly random and that there is some quantum entanglement in the device, which can be determined by running a statistical test, Ekert said.

That means perfect security could be within reach for people beyond the NSA and other governments. Even if a snooper inserted a tracking chip into an encryption device or tried to weaken the encryption in other ways, it could still provide perfect security, as long as the devices themselves were kept in secure locations and passed a statistical test.

"Even if you don't know the internal working of the device or don't trust the provider, as long as that device generates certain kinds of correlations, then it's okay," Ekert told Live Science. "There's no way to insert Trojan horses or any sorts of devices that would spy on you."

Editor's Recommendations

Tia has interned at Science News, Wired.com, and the Milwaukee Journal Sentinel and has written for the Center for Investigative Reporting, Scientific American, and ScienceNow. She has a master's degree in bioengineering from the University of Washington and a graduate certificate in science writing from the University of California Santa Cruz.